A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Created openbabel tracking bugs for this issue: Affects: epel-all [bug 2251707] Affects: fedora-all [bug 2251706]